﻿@{
  
   // Layout = "_Layout.cshtml";
   Layout = "_Layout";
    // Setting security HTTP headers
    Context.Response.Headers["Content-Security-Policy"] = $"object-src 'none'; form-action 'self'";
    Context.Response.Headers["X-XSS-Protection"] = "1; mode=block";
    Context.Response.Headers["X-Frame-Options"] = "SAMEORIGIN";
    Context.Response.Headers["Referrer-Policy"] = "no-referrer-when-downgrade";

    if (Context.Request.IsHttps)
    {
        Context.Response.Headers["Strict-Transport-Security"] = "max-age=63072000";
    }
}